Broadcom - Interskill Learning Mainframe Training

[email protected]

The Online Mainframe Training Specialists
Search   Course Catalog  
Return to Catalog Home     Return to Curriculum Listing

Secure Coding on the Mainframe

Duration

3 hours

Overview

IT Security is one of the most important issues for any business. Security breaches occur regularly that can have a profound effect on a business and its customers. This course introduces you to secure software development and secure coding for all computer platforms. You will see the significance of following secure software development frameworks and standards to protect software code as well as secure coding best practices ensuring vulnerabilities are minimized. Furthermore, the course covers how to apply secure coding practices to applications programs on z/OS. This includes validating and cleansing input data, protecting program storage and memory, using enhanced authorization, using compiler features to improve security, and detecting and handling errors

Audience

TThis is aimed at Application Programmers responsible for designing and coding applications across multiple platforms including z/OS.

Prerequisites

A programming background with an understanding of fundamental z/OS concepts.

Objectives

After completing this course, the student will be able to:

  • Describe the Basic Steps Used to Secure Software Applications
  • Identify Common Vulnerabilities that Software Developers Need to Be Aware Of
  • Identify Types of Input Data That May Need to Be Validated by a Mainframe Program
  • Describe How Storage Is Protected in z/OS from Inappropriate Access and Modification
  • Identify Compiler Features Used to Improve Security in a z/OS Environment

Course Content

Introduction to Secure Coding

Importance of Security
NIST Secure Software Development Framework (SSDF)
NIST SSDF Groups
Security within the Software Development Life Cycle (SDLC)
Design for Security
Secure Coding Practices
Reviewing Source Code
Dynamic Testing
Deploy with Security
Vulnerabilities
Authentication and Security
Data and Encryption
Handling Errors and Logging
Protecting Databases and Files

z/OS Secure Programming for Application Programs

Validating Data
Standard Data Formats
Language Features and Functions
SQL and Command Injection
Cleansing Data
Reentrant Programs
Middleware Storage Protection
Initializing Storage
Pointers
Enhanced Authority
Error Handling

Secure Coding on the Mainframe – Mastery Test


Search our catalog